okTurtles Foundation

Supporting beneficial decentralization technologies.

okTurtles Browser Extension
Simple, surveillance-free communication, everywhere.

MITM-proof communication through almost any website, with zero intervention needed from the site operators.

okTurtles is designed with the potential to work over almost any website. All it needs to create an encrypted message for someone is the identity of that person, specifically, their public key. Unlike the system that HTTPS uses today, okTurtles is able to securely obtain this information by using DNSChain.

DNS-based censorship circumvention

The developers of Unblock.us.org and DNSChain are teaming up to bring the anti-censorship features of Unblock.us into DNSChain. Each project benefits from the other: DNSChain ensures MITM-free communication and Unblock.us ensures that the communication passes through firewalls.


Won't this help the "bad guys"?

Unfortunately, it's increasingly difficult to tell who the bad guys are. This is a very important question and that's why it's the first one. See our paper's "Motivation" section for the answer.

Has this proposal been peer-reviewed?


In addition to the reviewers mentioned in the paper's acknowledgement's, our paper was submitted to various lists and forums. To date, active discussions took place at links below (and our proposal appears to have withstood criticism2):

One significant problem facing Namecoin, Bitcoin, and virtually all other cryptocurrencies, is the so-called "51% problem". Solutions to the 51% problem exist, but they introduce other problems.

At present, blockchain-based solutions appear to be the best we have. We will keep our eye on new developments and update our website and blog accordingly.

We plan on submitting this proposal to even more lists and sites. Our sincere thanks go out to everyone who has helped spread the word about this project!

Who's behind these projects?

okTurtles and DNSChain are the brainchildren of Greg Slepak, but he did not invent every aspect of these concepts. He's grateful to Aaron Swartz for turning him on to the idea, and for answering some of his questions about it. Of course, none of this would be possible if it wasn't for Satoshi Nakamoto's historic paper on Bitcoin, and the entire Namecoin community.

Will Stanley is chiefly responsible for this website's design. He has a passion for clean, simple, beautiful design.

Olga Ivanova is the master illustrator behind the okTurtles logo.

Is this project really "MITM/NSA-proof"?

When we state that okTurtles will "MITM-proof" your online communications, we mean that it will stop all of the publicly known methods by which the NSA can read your messages on these sites via a man-in-the-middle attack.

Specifically, okTurtles will provide true end-to-end encryption and authentication between you and the person you're communicating with that does not fall prey to any of the following:

  • Coercion of any sort against the host company (e.g. forcing Google or Facebook to hand over their data).
  • Publicly known attacks against the cryptography in use.
  • Interception, redirection, and/or tampering-with of the communication in question.

Additionally, it is our intention to provide a modicum of plausible deniability features that might protect *you* from coercion (the gun-to-the-head scenario), but they do not guarantee such protection.

It should go without saying that okTurtles will not protect you from any of the following:

  • Your (in)voluntary disclosure of your password(s).
  • Software bugs, or newly feasable attacks against the cryptography in use.
  • Your use of a computer that has been compromised in some other way.
  • The above, but applied to the people you're communicating with.
  • Acts of a diety or some hitherto unknown supra-human intelligence.

I want to help! How can I participate?

Welcome! Join the community and help us fund the Kickstarter once it's ready (subscribe to know when that'll be).

Is this "vaporware"?

Maybe! It pains me to write this but implementing this correctly has turned out to be insanely difficult — it basically requires rewriting how the Internet's infrastructure works. We've begun this process by pushing DPKI — Decentralized Public Key Infrastructure. This is going to take a long time to do properly. However, there does exist a less secure alternative in the form of FlowCrypt.
Absolutely not! We have a functioning (though incomplete) version of DNSChain already written. okTurtles is a tad more complicated, and requires a community effort to keep it running smoothly on third-party sites. Most of the design has been explained in our paper, all that remains is to implement it.

Are you going to update this site soon with more info?


Does this browser make my butt look fat?

Of course not! Unless... are you using IE? I think Firefox looks especially good on you.

┬┐Incluy├│ intencionalmente 42 referencias en su papel?

I'm not sure. It definitely made me less likely to add more once I got to that number. ;-)

Did you make up these "frequently asked" questions?

Some of them. Had to anticipate what they might be. ^_^